How worried should we be about the recent cyber attack that took down some of America’s most popular websites?
By Zeid Nasser
The Internet attack began at around 7am Eastern Time in the United States, just as people there were waking up and preparing to go to work. A web technology provider called Dyn was coming under a massive denial of service assault, which was in turn shutting down websites belonging to some of its clients. These included some of the biggest names on the Internet, such as Twitter, Netflix, PayPal, Trip Advisor, LinkedIn, and Spotify.
The attack knocked these websites out for several hours because Dyn’s domain-name-system services were overloaded and couldn’t carry out their job, which can be best described as a phone book that facilitates requests to specific webpages.
Hackers carried our this cyber assault by creating an army of bots, using unsecured Internet-connected devices including millions of web cameras and DVRs. Using a tool called Mirai, which is a piece of malware freely available for download, they were able to effectively scan the Internet for those devices that still have factory default or static username and password combinations; then take control of them to unleash a whole new level of attacks unseen before. So, site services were denied to typical users. It’s a serious reason to worry about in the rising Internet of Things era.
The business day was disrupted, as the effects spread westward throughout the United States and even crossed the Atlantic to impact Europe and the Middle East; leading to the loss of billions of dollars in revenues for websites that went down.
Unlike typical denial-of-service attacks, such as regular ones from the hacker collective known as Anonymous, this attack did not target a specific site, or brand, but it was a major hosting company causing major damage. So who, then, was behind this particular attack? The US Department of Homeland Security started investigating immediately, but did not find any specific answers. The attacks were obviously pre-planned, there were no extortion demands, and they were on a massive scale that specifically targeted the United States.
Some believe state actors could be responsible. One tech expert, Bruce Schneier, wrote on his blog that over the past year or two, someone had been probing the defenses of the companies that run critical pieces of the Internet. These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down. “We don’t know who is doing this, but it feels like a large nation state. China or Russia would be my first guesses,” he said.
If his hunch is correct, then this once again raises the specter of an attack in cyberspace triggering a real life conflagration between major powers. According to NATO’s charter, if it’s established that any country or group has purposely attacked one of the 28 member nations, then this could trigger a collective military response from alliance.
So there’s a very real possibility that this cyber attack could be a precursor to even larger campaigns to come. If a well planned, denial-of-service attack can quickly paralyze the Internet, and if states can utilize this ability to wage global cyber wars, then surely we should implement protective measures before we continue our march towards a fully connected—and fully vulnerable—age of the Internet of Things.